Malware Classification Using Dynamic Binary Instrumentation
- Title
- Malware Classification Using Dynamic Binary Instrumentation
- Other Titles
- Malware Classification Method using Dynamic Binary Instrumentation
- Author
- 왕러
- Alternative Author(s)
- Le Wang
- Advisor(s)
- 임을규
- Issue Date
- 2017-08
- Publisher
- 한양대학교
- Degree
- Master
- Abstract
- With the rapid development of the Internet, malware has become an increasingly serious problem in the field of computer security. Nowadays, most existing antivirus software uses signature-based methods to detect malware. However, traditional signature-based methods cannot effectively detect malware that has been processed by obfuscation techniques. Thus, in order to address these problems, we propose a detection system for malware that uses dynamic binary instrumentation (DBI). We selected Intel Pin as our DBI tool to dynamically extract instructions. The extracted instruction sequences are converted into histogram data files, and a similarity comparison is made among these files using the normalized cross-correlation algorithm. Experimental results show that the dynamic detection system can effectively distinguish malware and benign software. Keywords: Computer Security; Dynamic Analysis; Binary Instrumentation; Instruction sequence; Malware
- URI
- http://hdl.handle.net/20.500.11754/33669
- http://hanyang.dcollection.net/common/orgView/200000430931
- Appears in Collections:
- GRADUATE SCHOOL[S] (Graduate School) > COMPUTER SCIENCE (Department of Computer Science and Software) > Theses (Ph.D.)
- Files in This Item:
There are no files associated with this item.